LDAP and account experation date

14 views
Skip to first unread message

Predrag Punosevac

unread,
Oct 26, 2020, 9:24:51 PM10/26/20
to springdale-users

Dear All,

I was wondering if you could kindly share with me your account expiration settings. Namely, I would like LDAP user accounts to be automatically disabled after certain date.
I tried using shadowExpire LDAP attribute.

I am using OpenBSD build in LDAP server as my centralized authentication and authorization server for our not so small ML Lab. I do have

shadowExpire: 15159

attribute set for each user just like in this document (note that 15159 is the time in days from the UNIX epoch, I also tried setting up in seconds).


I also edited my sssd.conf file accordingly per only document I found on this topic on the Red Hat portal


[domain/EXAMPLE]
access_provider = ldap
ldap_pwd_policy = shadow
ldap_access_order = pwd_expire_policy_reject

I also see this link


but I don't have Red Hat subscription. I am sure I am not the only one trying to implement account expiration policy.

Cheers,
Predrag
Reply all
Reply to author
Forward
0 new messages